Dmitrii Pasechnik <dimp...@gmail.com> added the comment:
The script install_certificates.command depends upon pip, it calls pip to install certifi. Thus it's no less "optional" than pip. And pip is only functional, and it able to do the installation in question, due to it including the certificate in question. The role of this script is fishy from security point of view, too. Why not simply putting the certificate right where it belongs to, i.e. not just simplify install_certificates.command, but simply get rid of it? ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue36344> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
